InfoLawUpdate - Top IT security threats revealed
Burnetts' information law solicitor Natalie Ruane reveals the top IT security threats.
The Information Commissioners Office (ICO) has published a new security report detailing the most common IT security weaknesses that have resulted in many organisations failing to keep people’s information secure.
The results of the report were published after several breaches were identified when the ICO carried out an investigation into poor IT practices. Many of the breaches identified have resulted in the ICO issuing monetary penalties totalling millions of pounds. The breaches could have been prevented had standard practices been adopted.
Some of the high-profile breaches include the British Pregnancy Advice Service; they were fined £200,000 after details of service users were compromised. Sony Computer Entertainment Europe were also fined £250,000 for failing to keep its software up to date leading to millions of customers details being left unsecure.
Some of the most common security vulnerabilities commented on by the ICO include;
- Insecure storage of passwords;
- Failing to encrypt online communications;
- The continued use of default credentials including passwords;
- Poor decommissioning of old software and services.
With the latest news reports that EBay has had its security compromised with unauthorised access to passwords and other personal data of account holders and the shocking revelation that it was only passwords that were encrypted and not all the personal data, it is very important to ensure security of your IT system and data storage is checked and updated accordingly.
About the author
Natalie is a Partner and leads the Employment Law & HR team and specialises in education.
Published: Thursday 5th June 2014
Categorised: Information Law